Java Security

Open-source Java projects categorized as Security
Edit details
Topics: Java Android Privacy Encryption HacktoberFest
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

Top 23 Java Security Projects

  • Keycloak

    Open Source Identity and Access Management For Modern Applications and Services

    • Project mention: Securing Remix Apps with Keycloak | dev.to | 2024-05-06

    In this article we'll be using Keycloak to quickly augment an application with user management and SSO. We will demonstrate the integration by securing a page for logged-in users. This quickly provides a jump-off point to more complex integrations.

  • ZAP

    The ZAP core project

    • Project mention: Bruno | news.ycombinator.com | 2024-03-09

    I use ZAP [1] with the OAST add-on for this at the moment. I admit the UX isn't perfect, but it serves my purpose.

    If I also want control over the responses (e.g. return a 401 status code for every fifth request), I have a custom extender script [2] for that.

    [1]: https://www.zaproxy.org/

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • SuperTokens Community

    Open source alternative to Auth0 / Firebase Auth / AWS Cognito

    • Project mention: Ask HN: Simple Auth for Website | news.ycombinator.com | 2024-04-23

    I get what you are trying to do, but it feels a bit insecure. Why not use an OSS passwordless project like https://github.com/supertokens/supertokens-core/ or https://github.com/teamhanko/hanko

  • Cryptomator

    Multi-platform transparent client-side encryption of your files in the cloud

    • Project mention: Dropbox: How to opt out of 3rd party AI partner access to your Dropbox | news.ycombinator.com | 2023-12-13

    the best way to do this is with https://cryptomator.org

  • jjwt

    Java JWT: JSON Web Token for Java and Android

    • Project mention: Java JWT: JSON Web Token for Java and Android | news.ycombinator.com | 2023-10-04

  • Spring Security

    Spring Security

  • graylog

    Free and open log management

    • Project mention: graylog VS openobserve - a user suggested alternative | libhunt.com/r/graylog2-server | 2023-09-07

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo

  • DependencyCheck

    OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

    • Project mention: OWASP dependency check (<9.0.0) could fail to work after Dec 15th, 2023 | /r/programming | 2023-12-05

  • MifareClassicTool

    An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.

  • Apache Shiro

    Apache Shiro

    • Project mention: Serverless Apache Zeppelin on AWS | dev.to | 2024-02-04

    The only missing feature in this architecture is the login and logout capability. In this case, Apache Zeppelin provides Shiro for notebook authentication. Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. Here, you can find a step-by-step guide about how Shiro works. This example uses the default configuration.

  • hawk

    ✔️ Secure, simple key-value storage for Android

  • jasypt-spring-boot

    Jasypt integration for Spring boot

  • FairEmail

    Fully featured, open source, privacy friendly email app for Android

    • Project mention: Email Apps | /r/androidapps | 2023-12-10

  • pac4j

    Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...

    • Project mention: The Java security framework to protect web applications and web services | news.ycombinator.com | 2023-06-26

  • dependency-track

    Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

    • Project mention: Show HN: Pre-alpha tool for analyzing spdx SBOMs generated by GitHub | news.ycombinator.com | 2024-04-21

    I've become interested in SBOM recently, and found there were great tools like https://dependencytrack.org/ for CycloneDX SBOMs, but all I have is SPDX SBOMs generated by GitHub.

    I decided to have a go at writing my own dependency track esque tool aiming to integrate with the APIs GitHub provides.

    It's pretty limited in functionality so far, but can give a high level summary of the types of licenses your repository dependencies use, and let you drill down into potentially problematic ones.

    Written in NextJS + mui + sqlite, and using another project of mine to generate most of the API boilerplate/glue (https://github.com/mnahkies/openapi-code-generator)

  • jCasbin

    An authorization library that supports access control models like ACL, RBAC, ABAC in Java

  • find-sec-bugs

    The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

  • Bouncy Castle

    Bouncy Castle Java Distribution (Mirror)

    • Project mention: Show HN: filippo.io/mlkem768 – Post-Quantum Cryptography for the Go Ecosystem | news.ycombinator.com | 2024-02-01

    Note that there may be incompatibilities until NIST has published the final revisions. Some specifications are on Round 3 kyber, others are on FIPS 203.

    This one will interoperate with Bouncy Castle as we both use FIPS 203 draft, but won't interoperate with OQS that is still on the Round 3 submission.

    See also: https://github.com/bcgit/bc-java/issues/1578

  • orbot

    The Github home of Orbot: Tor on Android (Also available on gitlab!)

    • Project mention: Daily Reminder: You Need Orbot on Your Smartphone | /r/privacy | 2023-10-24

  • burpgpt

    A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.

  • Peergos

    A p2p, secure file storage, social network and application protocol

    • Project mention: Dropbox Sign Hacked | news.ycombinator.com | 2024-05-02

    Would love to hear your thoughts on Peergos - https://peergos.org

    https://github.com/peergos/peergos

  • itext-java

    iText for Java represents the next level of SDKs for developers that want to take advantage of the benefits PDF can bring. Equipped with a better document engine, high and low-level programming capabilities and the ability to create, edit and enhance PDF documents, iText can be a boon to nearly every workflow.

    • Project mention: FastPDF Service API (Java) VS itext7 - a user suggested alternative | libhunt.com/r/fastpdf-java | 2023-12-07

  • BinAbsInspector

    BinAbsInspector: Vulnerability Scanner for Binaries

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Java Security related posts

  • Securing Remix Apps with Keycloak

    1 project | dev.to | 6 May 2024

  • Simplifying Keycloak Configuration with Terraform and Terragrunt

    1 project | dev.to | 4 May 2024

  • Ask HN: Simple Auth for Website

    2 projects | news.ycombinator.com | 23 Apr 2024

  • Securing Vue Apps with Keycloak

    3 projects | dev.to | 3 Apr 2024

  • User Management and Identity Brokering for On-Prem Apps with Keycloak

    1 project | dev.to | 3 Apr 2024

  • Navigating Identity Authentication: From LDAP to Modern Protocols

    2 projects | dev.to | 28 Mar 2024

  • Ask HN: No-code, simple-setup user management

    1 project | news.ycombinator.com | 11 Mar 2024
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 17 May 2024
    Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

What are some of the best open-source Security projects in Java? This list will help you:

Project Stars
1 Keycloak 20,124
2 ZAP 12,059
3 SuperTokens Community 11,984
4 Cryptomator 10,703
5 jjwt 9,894
6 Spring Security 8,441
7 graylog 7,138
8 DependencyCheck 5,931
9 MifareClassicTool 4,276
10 Apache Shiro 4,261
11 hawk 3,966
12 jasypt-spring-boot 2,801
13 FairEmail 2,766
14 pac4j 2,381
15 dependency-track 2,347
16 jCasbin 2,326
17 find-sec-bugs 2,209
18 Bouncy Castle 2,173
19 orbot 1,988
20 burpgpt 1,895
21 Peergos 1,873
22 itext-java 1,875
23 BinAbsInspector 1,521

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com